This is default listen port for distcc daemon (distributed C/C++ compiler). It only supports IP based authentication and defaults to allow from all, which means anyone can use it. It does no other harm than letting others to use your hardware (at +5 nice) to speed up their compilation process.

Adam Nowacki

2004-07-01 16:26:52

3632 is default listen port for distcc daemon (distributed C/C++ compiler). It only supports IP based authentication and defaults to allow from all, which means anyone can use it. It does no other harm than letting others to use your hardware (at +5 nice) to speed up their compilation process.

arzie

2004-06-20 20:14:44

Port 4672/udp is used by the emule file sharing software.
http://www.emule-project.net/home/perl/help.cgi?l=2&topic_id=27&rm=show_topic

Javier Fernandez-Sanguino

2003-12-14 08:56:37

It might be worthwhile adding the CVE entries related to known Apache security vulnerabilities. Sources for information with these are:
- http://www.apacheweek.com/features/security-13 for Apache 1.3
and
- http://www.apacheweek.com/features/security-20 for Apache 2..0

Marcus H. Sachs, SANS Institute

2003-10-10 00:33:47

SANS Top-20 Entry:
W1 Internet Information Services (IIS)
http://isc.sans.org/top20.html#w1
Default installations of Internet Information Services (IIS) have proven vulnerable to a number of serious attacks over time. The impact of these vulnerabilities can include:
- Denial of service
- Exposure or compromise of sensitive files or data
- Execution of arbitrary commands
- Complete compromise of the server
----------
SANS Top-20 Entry:
U3 Apache Web Server
http://isc.sans.org/top20.html#u3
Apache has historically been, and continues to be the most popular web server on the Internet. In comparison to Microsofts Internet Information Server, Apache may have a cleaner record in regards to security, but it still has its fair share of vulnerabilities.
In addition to exploits in Apaches core and modules (CA-2002-27, CA-2002-17), SQL, databases, CGI, PHP vulnerabilities are all potentially exposed through the web server.
If left unsecured, vulnerabilities in the Apache web server implementation and associated components can result in denial of service, information disclosure, web site defacement, remote root access, or countless other unfavorable results.

"Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi."

"loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a ""/"" in front of the target filename in the ""file"" parameter."

"Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0)."

"Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES

"The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi

"Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature."

"Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2) _out_file."

"IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to cause a denial of service (crash) via an HTTP request to helpout.exe with a missing HTTP version number

"The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments."

"Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters."